GSD-2022-1000684 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.9 by commit...

GSD-2022-1000597 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.23 by commit...

Expat has an unspecified vulnerability (CNVD-2022-18356)

Expat is a fast streaming XML parser written in C. A security vulnerability exists in Expat prior to 2.4.5, which stems from a lack of certain encoding validations in xmltokimpl.c. No detailed vulnerability details are currently available...

GSD-2022-1000178 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.179 by commit...

GSD-2022-1000144 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.229 by commit...

GSD-2022-1000117 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.266 by commit...

GSD-2022-1000094 tipc: improve size validations for received domain records

tipc: improve size validations for received domain records This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.301 by commit...

CLSA-2022-1644934107 Fix of CVE: CVE-2022-0435

tipc: improve size validations for received domain records Jon Maloy CVE-2022-0435...

Validation Bypass

github.com/cri-o/cri-o is vulnerable to Validation Bypass. When an attacker creates a pod with a hostIPC and hostNetwork kernel namespace, the attacker is able to apply sysctls from the list of safe sysctls specified for the cluster resulting in unauthorized access due to insufficient validations...

PYSEC-2022-76

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

PYSEC-2022-115

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

Mageia: Security Advisory (MGASA-2019-0414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0036)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

UBUNTU-CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

USN-5163-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expos...

Ubuntu: Security Advisory (USN-5163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5163-1: Linux kernel vulnerabilities

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information kernel memory. CVE-2021-3655 It was discovered that the Option USB Hi...